maltoolbox.attackgraph.node module

MAL-Toolbox Attack Graph Node Dataclass

class maltoolbox.attackgraph.node.AttackGraphNode(type: str, name: str, ttc: dict | None = None, id: int | None = None, asset: ~typing.Any | None = None, children: list[~maltoolbox.attackgraph.node.AttackGraphNode] = <factory>, parents: list[~maltoolbox.attackgraph.node.AttackGraphNode] = <factory>, defense_status: float | None = None, existence_status: bool | None = None, is_viable: bool = True, is_necessary: bool = True, compromised_by: list[~maltoolbox.attackgraph.attacker.Attacker] = <factory>, mitre_info: str | None = None, tags: list[str] = <factory>, attributes: dict | None = None, extras: dict = <factory>)[source]

Bases: object

Node part of AttackGraph

asset: Any | None = None

attributes: dict | None = None

children: list[AttackGraphNode]

compromise(attacker: Attacker) → None[source]

Have the attacker given as a parameter compromise this node.

Arguments: attacker - the attacker that will compromise the node

compromised_by: list[Attacker]

defense_status: float | None = None

existence_status: bool | None = None

extras: dict

property full_name: str: Return the full name of the attack step. This is a combination of the asset name to which the attack step belongs and attack step name itself.

id: int | None = None

is_available_defense() → bool[source]: Return True if this node is a defense node and it is not fully enabled and not suppressed via tags. False otherwise.

is_compromised() → bool[source]: Return True if any attackers have compromised this node. False, otherwise.

is_compromised_by(attacker: Attacker) → bool[source]

Return True if the attacker given as an argument has compromised this node. False, otherwise.

Arguments: attacker - the attacker we are interested in

is_enabled_defense() → bool[source]: Return True if this node is a defense node and it is enabled and not suppressed via tags. False, otherwise.

is_necessary: bool = True

is_viable: bool = True

mitre_info: str | None = None

name: str

parents: list[AttackGraphNode]

tags: list[str]

to_dict() → dict[source]: Convert node to dictionary

ttc: dict | None = None

type: str

undo_compromise(attacker: Attacker) → None[source]

Remove the attacker given as a parameter from the list of attackers that have compromised this node.

Arguments: attacker - the attacker that we wish to remove from the compromised

list.